@escape.tech/graphql-armor-cost-limit is vulnerable to Restriction bypass. The vulnerability is due to the default enabling of the ignoreIntrospection setting in GraphQL servers, which fails to enforc ...
May 06, 2025
github.com/mattermost/mattermost-server is vulnerable to Denial of Service (DoS). The vulnerability is due to missing validation of uniqueness and quantity of task actions in the UpdateRunTaskActions ...
May 06, 2025
Summary: {field}.isFilterable access control can be bypassed in update and delete mutations by adding additional unique filters. These filters can be used as an oracle to probe the existence or value o ...
May 05, 2025
Keystone is a content management system for Node.js. Prior to version 6.5.0, {field}.isFilterable access control can be bypassed in update and delete mutations by adding additional unique filters. The ...
May 05, 2025